JP2013137590A - Authentication device, authentication program and authentication method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide usability equal to the other large majority of users for a part of users whose biological information acquired is unstable.SOLUTION: An authentication device 1 collates biological information 7 acquired from an authentication object person with registration information 9 preliminarily registered. A biological information acquisition unit 2 acquires the biological information 7 from the authentication object person. A determination unit 3 determines whether or not the authentication object person has uncertainty of collation. An information generation unit 4 generates generation information 8. The information generation unit 4 generates first generation information 8a from the biological information 7, and also generates second generation information 8b used for collation from the biological information 7 in addition to the first generation information 8a when the determination unit 3 determines that the authentication object person has the uncertainty of collation. A collation object selection unit 5 selects whether to set first registration information 9a to a collation object or to set second registration information 9b in addition to the first registration information 9a to the collation object. A collation unit 6 collates the registration information 9 selected as the collation object with the corresponding generation information 8.

Description

  The present invention relates to an authentication apparatus, an authentication program, and an authentication method for performing personal authentication using biometric information.

  The human body includes biological information that can identify an individual, and some of them are used as information for identifying and authenticating the individual. For example, it is known that biometric information that can be used for authentication includes fingerprints, eye retinas and irises, faces, blood vessels, and DNA (Deoxyribo Nucleic Acid).

  With the recent progress of biometric authentication technology, various devices for personal authentication by recognizing the characteristics of a living body that is a part of the human body have been provided. In biometric authentication, authentication is performed by comparing biometric information (registration template) collected during registration with biometric information acquired during authentication. This improvement in the accuracy of authentication using biometric information is required to be further improved in order to improve the usability of the biometric authentication device.

  Well-known causes of lowering the accuracy of authentication using biometric information include changes in the surrounding environment, such as changes over time in the living body, changes in external light, and changes in the posture of the biometric information acquisition site. There is proper operation. There are proposals to improve the authentication accuracy by periodically updating registration information, retrying when inappropriate information is acquired, and performing guidance notification to enable acquisition of appropriate information. In addition, there is a proposal of a biometric authentication device that improves the authentication success rate by performing collation using a plurality of registered data such as a fingerprint and a face or a plurality of faces acquired under different conditions.

JP 2011-154415 A JP 2006-85268 A JP 2004-355088 A

  However, as a problem specific to the user, there are some users whose biometric information to be acquired is unstable. Depending on the biometric information acquisition site, stable information may not be acquired depending on the ambient temperature, humidity, sunshine, and physical condition of the user, and depending on the user, the fluctuation range may exceed the authenticable range. There is.

  Even if such a user prepares the surrounding environment and is familiar with the authentication operation, the authentication accuracy is not sufficiently improved, and the user tries to make mistakes, and is dissatisfied with the usability of the biometric authentication device.

  The present invention has been made in view of the above points, and can provide usability equivalent to that of the majority of other users for some users whose biometric information to be acquired is unstable. An object is to provide an authentication device, an authentication program, and an authentication method.

  In order to solve the above problem, the authentication device includes a biometric information acquisition unit, a determination unit, an information generation unit, a verification target selection unit, and a verification unit. The biometric information acquisition unit acquires biometric information from the person to be authenticated. The determination unit determines whether or not the person to be authenticated has uncertainties in verification. The information generation unit generates first generation information used for collation from the biometric information, and uses the second generation information used for collation in addition to the first generation information when the person to be authenticated has uncertainty of collation. Generate from. The collation target selecting unit sets the first registration information registered in advance for collating biometric information as a collation target or the second registration information registered in advance for collating biometric information as the first registration information. In addition to the above, select whether or not to be a collation target. The collation unit collates the registration information selected as a collation target with the corresponding generation information.

  Moreover, in order to solve the said subject, an authentication program makes a computer perform the following processes. The computer obtains biometric information from the authentication target person, determines whether the authentication target person has uncertainties of verification, generates first generation information used for verification from the biometric information, and When there is uncertainty in collation, in addition to the first generation information, second generation information used for collation is generated from the biometric information, and the first registered information registered in advance for collating the biometric information is set as a collation target. Or whether the second registration information registered in advance for collating the biometric information is added to the first registration information as a collation target, and the registration information selected as the collation target and the corresponding generation information And match.

  Moreover, in order to solve the said subject, an authentication method acquires biometric information from an authentication object person, determines whether an authentication object person has the uncertainty of collation, and uses the 1st production | generation information used for collation. In addition to the first generation information, the second generation information to be used for verification is generated from the biometric information and registered in advance in order to verify the biometric information in addition to the first generation information when the person to be authenticated has verification uncertainty. The first registration information that is registered is selected as a verification target, or the second registration information that has been registered in advance for verifying biometric information is selected as a verification target in addition to the first registration information. The registered information selected as is matched with the corresponding generated information.

  According to the authentication apparatus, the authentication program, and the authentication method described above, it is possible to provide the same usability as the majority of other users for some users whose biometric information to be acquired is unstable. .

It is a figure which shows the structure of the authentication apparatus of 1st Embodiment. It is a figure which shows the structure of the authentication system of 2nd Embodiment. It is a figure which shows the hardware structural example of the authentication apparatus of 2nd Embodiment. It is a figure which shows the structure of the sensor unit of 2nd Embodiment. It is a figure which shows the structure which the authentication apparatus of 2nd Embodiment performs registration of biometric information as a registration apparatus. It is a figure which shows an example of the determination of the uncertainty of the biometric authentication which the authentication apparatus of 2nd Embodiment makes object. It is a figure which shows an example of the additional information extraction which the authentication apparatus of 2nd Embodiment performs. It is a figure which shows an example of the registration database which the authentication apparatus of 2nd Embodiment produces | generates. It is a figure which shows an example of the biometric information list | wrist which the authentication apparatus of 2nd Embodiment produces | generates. It is a figure which shows the modification of determination of the uncertainty of the biometric authentication which the authentication apparatus of 2nd Embodiment makes object. It is a figure which shows the modification of determination of the uncertainty of the biometric authentication which the authentication apparatus of 2nd Embodiment makes object. It is a figure which shows the structure which performs 1: N collation of the biometric information of the authentication apparatus of 2nd Embodiment. It is a figure which shows the structure which performs 1: 1 collation of the biometric information of the authentication apparatus of 2nd Embodiment. It is a figure which shows the structure which performs collation of the biometric information of the authentication apparatus of 3rd Embodiment. It is a figure which shows the structure which performs collation of the biometric information of the authentication apparatus of 4th Embodiment. It is a figure which shows the structure which performs collation of the biometric information of the authentication apparatus of 5th Embodiment.

Hereinafter, embodiments will be described with reference to the drawings.
[First Embodiment]
First, the authentication apparatus according to the first embodiment will be described with reference to FIG. FIG. 1 is a diagram illustrating a configuration of an authentication apparatus according to the first embodiment.

  The authentication device 1 is an authentication device that performs personal authentication using a living body. The authentication device 1 is also a collation device that collates biometric information acquired from an authentication target person and biometric information (registration information) acquired and registered in advance from the authentication target person. The authentication device 1 includes a biometric information acquisition unit 2, a determination unit 3, an information generation unit 4, a verification target selection unit 5, and a verification unit 6.

  The biometric information acquisition unit 2 acquires biometric information 7 from the person to be authenticated. Based on the biometric information 7 acquired by the biometric information acquisition unit 2, the determination unit 3 determines whether or not the person to be authenticated has uncertainties for verification. For example, the biological information acquisition unit 2 acquires two or three or more pieces of biological information 7 having different acquisition timings. The determination unit 3 compares the acquired two or three or more pieces of biological information 7 to determine whether or not there is uncertainty.

  The information generation unit 4 generates generation information 8 used for collation from the biological information 7. The information generation unit 4 generates the first generation information 8a from the biometric information 7, and performs verification in addition to the first generation information 8a when the determination unit 3 determines that the person to be authenticated has uncertainty of verification. Second generation information 8 b to be used is generated from the biological information 7. The first generation information 8a is main generation information used for collation, and the second generation information 8b is sub-generation information additionally used for collation.

  The collation target selection unit 5 uses registered information 9 registered in advance for collating the biometric information 7 as a collation target. The collation target selection unit 5 selects whether the first registration information 9a is to be collated or whether the second registration information 9b is to be collated in addition to the first registration information 9a. The first registration information 9a is main registration information used for collation, and the second registration information 9b is sub registration information used additionally for collation.

  The collation unit 6 collates the registration information 9 selected as the collation target with the corresponding generation information 8. If the first registration information 9a is selected as a verification target, the verification unit 6 verifies the corresponding first generation information 8a and the first registration information 9a. Moreover, if the collation part 6 has selected the 1st registration information 9a and the 2nd registration information 9b as collation object, the corresponding 1st generation information 8a, the 2nd generation information 8b, the 1st registration information 9a, the 1st registration information 9a 2 Check the registration information 9b.

  As a result, the authentication apparatus 1 performs verification using the additional information that is subordinate in addition to the main information for the authentication target person having uncertainty, so that the verification rate is improved, that is, the authentication accuracy is improved. Can be achieved. In addition, the authentication device 1 can perform verification on the main generation information 8 and the main registration information 9 for an authentication target person who has no uncertainty.

Therefore, the authentication device 1 can provide usability equivalent to that of the majority of other users for some authentication subjects whose biometric information 7 to be acquired is unstable.
[Second Embodiment]
Next, an authentication system will be described using the second embodiment. FIG. 2 is a diagram illustrating a configuration of the authentication system according to the second embodiment. As a second embodiment, a system in which the authentication system 10 performs authentication using a palm vein is exemplified, but the present invention is not limited to this, and the present invention is also applicable to a system that performs authentication at other feature detection sites of a living body.

  The authentication system 10 is a system that recognizes characteristics of a living body and identifies and authenticates an individual, and can be used for information system log-on, entrance / exit management, and the like. The authentication system 10 includes an authentication device 20, an authentication device 30, an authentication device 32, an authentication server 35, and a network 36.

  The authentication device 20, the authentication device 30, and the authentication device 32 are devices that perform biometric authentication when authenticating a user. The authentication device 20 is a computer that performs user authentication, and is, for example, a business terminal device that requires a high security level. The authentication device 30 is an ATM (Automated Teller Machine) installed by a financial institution. The authentication device 32 is a security area entry / exit management device.

  The authentication server 35 associates and stores identification information for identifying a user (authentication subject) and biometric information (template) registered in advance before biometric authentication. The identification information for identifying the user is a unique ID (IDentification) given to the user directly (for example, a user number) or indirectly (for example, an account number). The biometric information registered in advance is feature information obtained by extracting a feature portion from image information, encoded information obtained by encoding image information or feature information, and the like.

  The authentication server 35 is a database server of the authentication system 10 and includes various databases (for example, a registration database and a biometric information list described later). The network 36 connects the authentication device 20, the authentication device 30, the authentication device 32, and the authentication server 35 so that they can communicate with each other by wire or wirelessly. Note that the various databases may be included in the authentication device 20, the authentication device 30, and the authentication device 32 instead of the authentication server 35.

  The authentication device 20 includes a processing device 21, a display 22, and a sensor unit built-in mouse 24, and includes a keyboard 23, an IC (Integrated Circuit) card reader / writer 25, and the like as necessary. The sensor unit built-in mouse 24 incorporates a sensor unit. The sensor unit includes an imaging device, images the palm of the user, and outputs a vein image to the processing device 21. The IC card reader / writer 25 reads and writes information on the user's IC card 26. The keyboard 23 and the sensor unit built-in mouse 24 accept input operations.

  Here, palm vein authentication in the authentication apparatus 20 will be described. A user who requests authentication inputs identification information (for example, a user ID) for identifying the user through the keyboard 23, the sensor unit built-in mouse 24, or the IC card reader / writer 25. The authentication device 20 guides the user to input biometric information through display using the display 22. The user inputs biological information by holding his / her hand over the sensor unit built-in mouse 24. The authentication device 20 that has input a palm vein image as biometric information collates the input vein image (biometric information) with the registered template. The registration template can be recorded in the storage unit of the processing device 21, the storage unit of the authentication server 35, or the storage unit of the user's IC card 26. In this case, the authentication device 20 is an authentication device that performs collation (1: 1 collation) between the biometric information input by the user and the biometric information specified by the identification information.

  Note that the authentication device 20 can also perform collation without obtaining identification information for identifying the user from the keyboard 23, the sensor unit built-in mouse 24, or the IC card reader / writer 25. In this case, the authentication device 20 can also be an authentication device that performs verification (1: N verification) between biometric information input by the user and a plurality of biometric information registered in advance.

  The authentication device 30 includes a sensor unit 31. The sensor unit 31 includes an imaging device and images the palm of the user. The authentication device 30 authenticates the user using the vein image. The authentication device 30 includes an IC card reader / writer (not shown) and performs verification using a registration template stored in an IC card (for example, an IC chip built-in type cash card). In this case, the authentication device 30 is an authentication device that performs 1: 1 verification.

  The authentication device 32 includes a sensor unit 33. The sensor unit 33 includes an imaging device and images the palm of the user. The authentication device 32 authenticates the user using the vein image and controls the opening / closing of the door 34. In this case, the authentication device 32 is an authentication device that performs 1: N verification. The authentication device 32 can be an authentication device that performs 1: 1 verification by including an identification information input device such as a numeric keypad or IC card reader / writer in addition to the sensor unit 33.

Next, a hardware configuration example of the authentication device 20 according to the embodiment will be described with reference to FIG. FIG. 3 is a diagram illustrating a hardware configuration example of the authentication apparatus according to the second embodiment.
The authentication device 20 includes a processing device 21, a display 22, a keyboard 23, a sensor unit built-in mouse 24, and an IC card reader / writer 25.

  The entire processing apparatus 21 is controlled by one or more CPUs (Central Processing Units) 21a. A random access memory (RAM) 21b, a hard disk drive (HDD) 21c, a communication interface 21d, a graphic processing device 21e, and an input / output interface 21f are connected to the CPU 21a via a bus 21g.

  The RAM 21b temporarily stores at least part of an OS (Operating System) program and application programs to be executed by the CPU 21a. The RAM 21b stores various data necessary for processing by the CPU 21a. The HDD 21c stores an OS and application programs.

  A display 22 is connected to the graphic processing device 21e. The graphic processing device 21e displays an image on the screen of the display 22 in accordance with a command from the CPU 21a.

  A keyboard 23, a sensor unit built-in mouse 24, and an IC card reader / writer 25 are connected to the input / output interface 21f. Further, the input / output interface 21 f can be connected to a portable recording medium interface that can write information to the portable recording medium 27 and read information from the portable recording medium 27. The input / output interface 21f transmits a signal transmitted from the keyboard 23, the sensor unit built-in mouse 24, the IC card reader / writer 25, and the portable recording medium interface to the CPU 21a via the bus 21g.

  More specifically, the input / output interface 21f may be connected to the sensor unit built-in mouse 24 via a USB (Universal Serial Bus). The processing device 21 receives a vein image from the sensor unit by USB connection.

The communication interface 21d is connected to the network 36. The communication interface 21d transmits / receives data to / from the authentication server 35.
With the hardware configuration as described above, the processing functions of the present embodiment can be realized. The authentication device 30, the authentication device 32, and the authentication server 35 can also be realized with the same hardware configuration.

  The processing device 21 can be configured to include modules each composed of a field programmable gate array (FPGA), a digital signal processor (DSP), or the like, or can be configured without the CPU 21a. In this case, each of the processing devices 21 includes a nonvolatile memory (for example, an EEPROM (Electrically Erasable and Programmable Read Only Memory), a flash memory, a flash memory type memory card, etc.) and stores module firmware. The nonvolatile memory can write firmware through the portable recording medium 27 or the communication interface 21d. As described above, the processing device 21 can also update the firmware by rewriting the firmware stored in the nonvolatile memory.

  Next, a configuration in which the sensor unit built-in mouse 24 acquires image information and distance information and outputs the information to the processing device 21 will be described with reference to FIG. FIG. 4 is a diagram illustrating a configuration of a sensor unit according to the second embodiment. The sensor unit 31 and the sensor unit 33 can have the same configuration as the sensor unit 24a.

  The sensor unit 24a is built in the mouse 24 with a built-in sensor unit. The sensor unit 24a includes a control unit 24b, an imaging unit 24c, a distance measurement unit 24d, a storage unit 24e, and a communication unit 24f.

  The control unit 24b comprehensively controls each processing unit. The imaging unit 24c acquires image information from a living body that is a subject. The imaging unit 24c includes an image sensor (for example, a CMOS (Complementary Metal Oxide Semiconductor) sensor, a CCD (Charge Coupled Device) sensor, etc.), a condenser lens, and a plurality of near-infrared light emitting elements (irradiating a subject). LED: Light Emitting Diode). The near-infrared light emitting element is provided, for example, around the image sensor, emits near-infrared light toward the subject direction (upward), and the image sensor images the subject irradiated with the near-infrared ray. The image sensor can capture a palm as a subject in a wide imaging range through a condenser lens (wide-angle lens).

  The distance measuring unit 24d acquires distance information from a living body that is a subject. The sensor unit 24a can take an image of a palm at a distance within a predetermined range by measuring an imaging timing with a distance measuring sensor. In addition, the imaging unit 24c continuously captures images at a predetermined timing (for example, captures 15 frames per second), and whether or not the user has uncertainties in collating one or more vein images from these images. You may make it use for determination of.

  The storage unit 24e stores the image information acquired by the imaging unit 24c and the distance information acquired by the distance measuring unit 24d in association with the image information. The communication unit 24f is connected to the processing device 21 and receives instructions from the processing device 21 and transmits image information and distance information.

  The image captured by the sensor unit 24a is an image obtained by irradiating a living body (palm) as a subject with near-infrared rays and capturing reflected light. Since hemoglobin in the red blood cells flowing in the veins has lost oxygen, this hemoglobin (reduced hemoglobin) has a property of absorbing near infrared rays in the vicinity of 700 nm to 1000 nm. Therefore, when near infrared rays are applied to the palm, only a portion where the vein is present is less reflected, and the position of the vein can be recognized by the intensity of reflected light of the near infrared ray. The vein image is an achromatic image although it is easy to extract characteristic information by using a specific light source.

  Next, a configuration for realizing a registration process in which biometric information used for authentication by the authentication device 20 is registered in advance will be described with reference to FIGS. FIG. 5 is a diagram illustrating a configuration in which the authentication apparatus according to the second embodiment performs registration of biometric information as a registration apparatus. FIG. 6 is a diagram illustrating an example of determination of uncertainty of biometric authentication targeted by the authentication apparatus according to the second embodiment. FIG. 7 is a diagram illustrating an example of additional information extraction executed by the authentication apparatus according to the second embodiment. FIG. 8 is a diagram illustrating an example of a registration database generated by the authentication apparatus according to the second embodiment. FIG. 9 is a diagram illustrating an example of a biometric information list generated by the authentication device according to the second embodiment.

  The authentication device 20 includes a user information acquisition unit 60, an image acquisition unit 61, an image selection unit 62, a fluctuation amount determination unit 63, a fluctuation factor identification unit 64, a correction unit 65, an additional information generation unit 66, A retry unit 67 and a registration unit 68 are provided. Each of these processing units can be realized by the hardware configuration shown in FIG.

  The user information acquisition unit 60 acquires user (user) identification information in order to associate with biometric information to be registered. If there is no need to identify the user, non-overlapping information such as a serial number may be acquired. The user information acquisition unit 60 can input user information from the keyboard 23, the sensor unit built-in mouse 24, or the IC card reader / writer 25.

  The image acquisition unit 61 captures the palm of the user and acquires a vein image of the palm in order to acquire biometric information used for registration. Thereby, the authentication device 20 can acquire a vein image of the palm of the user. In addition, in order to use whether or not the user's biometric information has a verification uncertainty, the image acquisition unit 61 images the palm a plurality of times, and the authentication device 20 uses the user's palm. Obtain multiple vein images. The image acquisition unit 61 can capture the palm of the user with the sensor unit built-in mouse 24. For example, the sensor unit built-in mouse 24 picks up a plurality of vein images at different imaging timings from the holding operation of holding the palm over the imaging unit 24c.

  The image selection unit 62 selects one vein image with little difference between frames from the plurality of vein images acquired by the image acquisition unit 61. Similarly, the image acquisition unit 61 and the image selection unit 62 repeat acquisition and selection of a plurality of vein images a plurality of times (for example, twice) to select a plurality of vein images.

  The variation amount determination unit 63 determines whether the variation amounts of the plurality of vein images selected by the image selection unit 62 are within a predetermined threshold range. At this time, the variation amount determination unit 63 sets the vein pattern in the region of the vein image cut out from the vein image as the variation amount evaluation target.

  Here, the fluctuation amount evaluation of the two vein patterns executed by the fluctuation amount determination unit 63 will be described with reference to FIG. The two vein patterns shown in FIG. 6 (1) are processed by the fluctuation amount determination unit 63 so that the difference between the fluctuation amounts is within the threshold value range and the user's biometric information has no verification uncertainty. Is determined to be possible.

  The fluctuation amount determination unit 63 decomposes the veins constituting the vein pattern 40a into one unit, and calculates the total la1 of the length l of each vein. Further, the fluctuation amount determination unit 63 decomposes the veins constituting the vein pattern 40b into one unit, and calculates the total la2 of the length l of each vein. The fluctuation amount determination unit 63 calculates a difference abs (la1−la2) between the total la1 of the vein pattern 40a and the total la2 of the vein pattern 40b, and compares it with the threshold Lth. Thereby, the variation amount determination unit 63 determines that the user who has collected the vein pattern 40a and the vein pattern 40b does not have the uncertainties because abs (la1-la2) ≦ Lth.

  On the other hand, in the two vein patterns shown in FIG. 6 (2), the fluctuation amount determination unit 63 causes the difference in fluctuation amount to be outside the threshold value range, and the user's biometric information has uncertainties of matching. If it is handled, it is determined that it is difficult to authenticate.

  The fluctuation amount determination unit 63 decomposes the veins constituting the vein pattern 40c into one unit, and calculates the total lb1 of the length l of each vein. Further, the fluctuation amount determination unit 63 decomposes the veins constituting the vein pattern 40d into one unit, and calculates the total lb2 of the length l of each vein. The fluctuation amount determination unit 63 calculates a difference abs (lb1−lb2) between the total lb1 of the vein pattern 40c and the total lb2 of the vein pattern 40d and compares it with the threshold value Lth. As a result, the variation amount determination unit 63 determines that the user who has collected the vein pattern 40c and the vein pattern 40d has uncertainties of verification because abs (lb1-lb2)> Lth.

  The fluctuation amount determination unit 63 proceeds to processing by the registration unit 68 when the biometric information of the user has no verification uncertainty. On the other hand, the fluctuation amount determination unit 63 proceeds to the processing by the fluctuation factor identification unit 64 when the biometric information of the user has uncertainties of collation.

  The variation factor identifying unit 64 identifies the variation factor that has been determined that the biometric information of the user has uncertainties in verification. The variation factor specifying unit 64 evaluates the external environment and determines whether or not a change in the external environment is a variation factor. For example, the change factor specifying unit 64 determines that the change in the external environment is the change factor when the change in the brightness of the entire photographed image or the change in the brightness of the palm background is larger than a predetermined change amount. Can do. As a result, when the variation factor specifying unit 64 determines that the change in the external environment is the variation factor, the variation factor specifying unit 64 proceeds to the processing by the retry unit 67.

  Next, the variation factor specifying unit 64 evaluates the posture of the palm and determines whether or not the palm cut-out posture is a variation factor. For example, the variation factor specifying unit 64 cuts out the palm from the entire photographed image and evaluates the posture of the palm from the size, shape, inclination, and the like. The variation factor specifying unit 64 can determine that the palm posture is the variation factor when the palm posture is not appropriate. As a result, when the variation factor specifying unit 64 determines that an inappropriate posture of the palm is the variation factor, the variation factor specifying unit 64 proceeds to processing by the correction unit 65.

  The variation factor specifying unit 64 determines that there is a problem specific to the user when neither the external environment nor the posture of the palm can be determined as the variation factor. As a result, the variation factor specifying unit 64 proceeds to processing by the additional information generating unit 66.

  Note that the variation factor specifying unit 64 may include information from various sensors (not shown) such as temperature, humidity, and illuminance in the determination material for determining whether or not the change in the external environment is a variation factor. Moreover, even if it is determined that the change in the external environment is a variation factor, the variation factor specifying unit 64 may proceed to processing by the correction unit 65 when it is determined that correction is possible. Further, even if it is determined that the posture of the palm is the variation factor, the variation factor specifying unit 64 may proceed to the processing by the retry unit 67 when it is determined that correction is not possible.

  The correcting unit 65 corrects the vein image from which the vein pattern is extracted. The correction unit 65 can correct the brightness and the shape, and can correct the vein image for all or part of the captured image.

  The retry unit 67 informs the user of re-handling the hand over in order to acquire a vein image again by the image acquisition unit 61. The retry unit 67 performs guidance and notification by sound from a speaker (not shown) in addition to the display on the display 22. When the retry unit 67 guides and informs about the re-handling of the hand, for example, “please widen the palm” can be used to instruct a method for correcting the palm to an appropriate posture.

The additional information generation unit 66 generates biometric information that is additionally registered by the registration unit 68 in addition to the biometric information that is normally registered by the registration unit 68.
Here, generation of biological information to be additionally registered, which is executed by the additional information generation unit 66, will be described with reference to FIG. A luminance graph 41 shown in FIG. 7 shows a luminance distribution in one of the scanning lines scanned when analyzing the luminance of the palm surface of the user (for example, a scanning line obtained by scanning the palm in the horizontal direction). The vein pattern 40p is a vein pattern generated by applying the threshold 42 to the luminance graph 41. The vein pattern 40q is a vein pattern generated by applying the threshold value 43 to the luminance graph 41. The threshold value 43 is set so as to extract a larger amount of information from the vein image compared to the threshold value 42.

  Therefore, the vein pattern 40q has a larger amount of information than the vein pattern 40p. Assuming that the vein pattern 40p is the normal biometric information to be registered, the increment of the vein pattern 40q with respect to the vein pattern 40p corresponds to the biometric information to be additionally registered. The additional information generation unit 66 can generate a vein pattern of the palm by extracting the biological information within a required range on the palm surface of the user.

  Note that the generation of biological information to be additionally registered, which is executed by the additional information generation unit 66, can be generated in various known modes other than the mode illustrated in FIG. For example, the additional information generation unit 66 can perform correction for sharpening the luminance graph 41 or correction for applying a bias. Further, the additional information generation unit 66 can extract a high frequency component from the luminance distribution after the fast Fourier transform, and can enhance the contrast after the inverse fast Fourier transform. Even in such a case, the additional information generation unit 66 can generate information having different amounts of information from the image before correction and the image after correction.

The generation of the vein pattern used by the variation amount determination unit 63 for the variation amount determination can be performed in the same manner.
When the fluctuation amount determination unit 63 determines that the biometric information of the user has no verification uncertainty, the registration unit 68 registers the vein pattern as the normal biometric information to be registered for verification. . On the other hand, when the fluctuation amount determination unit 63 determines that the biometric information of the user has uncertainties in the collation, the registration unit 68 adds the biometric information to be registered as a normal target. A vein pattern including biometric information to be registered is registered for verification.

  Here, information registered by the registration unit 68 will be described with reference to FIGS. The registration database 50 shown in FIG. 8 records information used for collation of a plurality of users. The registration database 50 is held by the authentication server 35 and the processing device 21. In addition, when performing 1: 1 collation, the registration database 50 may record only the information used for collation of one user. In that case, the registration database 50 may be held in the processing device 21 or the IC card 26.

  The registration database 50 records the user ID, registration date, type, left / right, verification information, and verification additional information. The user ID is information that can uniquely identify the user. The registration date is information in which collation information is registered. The registration database 50 can also set the expiration date of the verification information based on the registration date. The type is information indicating whether or not the user has uncertainties in verification. The type is “difficult” if the user has uncertainties in matching, and “standard” if the user has no uncertainties in matching. The type is set at the time of registration, but may be updated by a matching history. For example, the registration unit 68 can change the type from “difficult” to “standard” when it becomes impossible to confirm the uncertainty of the collation of the user. Left / right is information for distinguishing the left and right of the palm used for collation. The collation information is the number of veins constituting the vein pattern, which is biometric information to be registered normally. A vein pattern is handled as a collection of one or more veins. The verification additional information is the number of vein patterns that are biometric information to be additionally registered.

  For example, the user ID “# 0001” has a registration date of February 2, 2011, a type of “standard”, a left / right distinction of “right”, and 100 veins as collation information. The following vein pattern is registered. Since the type of the user ID “# 0001” is “standard”, the verification additional information is not registered. The user ID “# 0002” has a registration date of March 3, 2011, a type of “difficult”, a left / right distinction of “right”, and a vein pattern consisting of 60 veins as collation information. Is registered. Since the type of the user ID “# 0002” is “difficult”, a vein pattern consisting of 30 veins is registered as additional verification information.

  As described above, the registration database 50 records the collation additional information for the user whose type is “difficult” and does not record the collation additional information for the user whose type is “standard”. The recording capacity for storing images is not excessive.

  As shown in FIG. 9, detailed information is recorded in the biometric information list 51 for each vein whose number is recorded in the collation information and the collation additional information. The biometric information list 51 records identification information, points, and a plurality of points (P1, P2,..., P20) that form vein patterns. The identification information is information that can uniquely identify the veins constituting the vein pattern. The score is the number of points that form a vein pattern. The position of the point forming the vein pattern is represented by the x coordinate and the y coordinate, and the certainty of the coordinate is represented by the certainty factor t. When the certainty factor is large, the existence of the point is strongly affirmed, and when the certainty factor is small, the existence of the point is weakly affirmed. The veins constituting the vein pattern are linked in order from the point P1, the point P2, and the point P3, so that an approximate shape can be reproduced.

  For example, the identification information “# D0001” has a score of “10” and is 10 points forming a vein, P1 “x11, y11, t11”, P2 “x12, y12, t12”,. x1A, y1A, t1A "are recorded. Further, the identification information “# D0002” has a score of “8” and is eight points forming a vein, P1 “x21, y21, t21”, P2 “x22, y22, t22”,. x28, y28, t28 "(not shown) are recorded.

  The biometric information list 51 may record a vector tracing a vein, a collection of points, or the like instead of a plurality of points (P1, P2,..., P20) that form a vein.

  With this configuration, the authentication device 20 can function as a registration device that can register biometric information used for verification. The authentication device 20 makes the registration database 50 compact while facilitating the collation of users who have uncertainties of collation because the user varies the amount of biometric information to be registered according to the uncertainties of collation. It is possible to design.

  Next, a modified example of determination of the uncertainty of biometric authentication targeted by the authentication apparatus of the second embodiment will be described with reference to FIGS. FIG. 10 and FIG. 11 are diagrams illustrating modified examples of determination of uncertainty of biometric authentication targeted by the authentication apparatus of the second embodiment.

  A first modification is shown in FIGS. 10 (1) and 10 (2). The two vein patterns shown in FIG. 10 (1) are processed by the fluctuation amount determination unit 63 so that the difference between the fluctuation amounts is within the threshold value range and the user's biometric information has no verification uncertainty. Is determined to be possible.

  The fluctuation amount determination unit 63 calculates the center of gravity ga1 of the vein that configures the vein pattern 40e. Furthermore, the fluctuation amount determination unit 63 calculates the center of gravity ga2 of the veins that make up the vein pattern 40f. The variation determination unit 63 calculates a distance abs (ga1−ga2) between the center of gravity ga1 of the vein pattern 40e and the center of gravity ga2 of the vein pattern 40f and compares it with the threshold Gth. As a result, the variation amount determination unit 63 determines that the user who has collected the vein pattern 40e and the vein pattern 40f has no uncertainties because abs (ga1−ga2) ≦ Gth.

  On the other hand, in the two vein patterns shown in FIG. 10 (2), the fluctuation amount determination unit 63 causes the difference in fluctuation amount to be outside the threshold range, and the user's biometric information has uncertainties in collation. If it is handled, it is determined that it is difficult to authenticate.

  The fluctuation amount determination unit 63 calculates the center of gravity gb1 of the vein that configures the vein pattern 40g. Further, the fluctuation amount determination unit 63 calculates the center of gravity gb2 of the vein that configures the vein pattern 40h. The variation determination unit 63 calculates a distance abs (gb1-gb2) between the center of gravity gb1 of the vein pattern 40g and the center of gravity gb2 of the vein pattern 40h, and compares it with the threshold Gth. As a result, the variation amount determination unit 63 determines that the user who has collected the vein pattern 40g and the vein pattern 40h has no verification uncertainty because abs (gb1-gb2)> Gth.

  Note that the calculation of the center of gravity is performed to determine whether or not the difference between the fluctuation amounts is within the threshold range, and the calculation of the center of gravity in a strict sense is not necessarily obtained. Therefore, the fluctuation amount determination unit 63 can calculate the center of gravity using a known calculation method. For example, the fluctuation amount determination unit 63 can use, as the center of gravity, the coordinates that minimize the sum of the distances from all points (see FIG. 9) that form a plurality of veins.

  A second modification is shown in FIGS. 11 (1) and 11 (2). In the two vein patterns shown in FIG. 11 (1), the fluctuation amount determining unit 63 determines that the difference between fluctuation amounts is within the threshold value range, and the user's biometric information has no verification uncertainty. Is determined to be possible.

  The variation amount determination unit 63 calculates the variation amount Ha1 of the veins that make up the vein pattern 40i. Further, the variation amount determination unit 63 calculates the variation amount Ha2 of the veins that make up the vein pattern 40j. At this time, the variation amount determination unit 63 sets Hap as the change amount that increases with respect to the vein pattern 40i in the vein pattern 40j, and sets Ham as the change amount that decreases with respect to the vein pattern 40i in the vein pattern 40j. .

  For example, the vein pattern 40j has one vein (indicated by a thick line) counted as an increase and one vein (indicated by a broken line) counted as a decrease, so that Hap = 1 and Ham = 1. Become. Since the vein pattern 40i has Ha1 = 8, Ha2 = Ha1 + Hap−Ham = 8 + 1−1 = 8.

  The fluctuation amount determination unit 63 calculates the change rate Ha1 of the vein pattern 40i and the change rate abs (Ha1 / (Ha2 + Hap + Ham)) of the change amount Ha2 of the vein pattern 40j and compares it with the threshold value Hth. As a result, the variation determination unit 63 determines that the user who has collected the vein pattern 40i and the vein pattern 40j does not have uncertainties of verification because abs (Ha1 / (Ha2 + Hap + Ham)) ≦ Hth.

  On the other hand, in the two vein patterns shown in FIG. 11 (2), the fluctuation amount determination unit 63 causes the difference in fluctuation amount to be outside the range of the threshold and the user's biometric information has uncertainties of matching. If it is handled, it is determined that it is difficult to authenticate.

  The variation amount determination unit 63 calculates the variation amount Hb1 of the veins that make up the vein pattern 40m. Further, the fluctuation amount determination unit 63 calculates a change amount Hb2 of the veins that make up the vein pattern 40n. At this time, the variation amount determination unit 63 sets the amount of change in the vein pattern 40n that increases with respect to the vein pattern 40m as Hbp, and the amount of change in the vein pattern 40n that decreases with respect to the vein pattern 40m as Hbm. .

  For example, since the vein pattern 40n has two veins counted as an increase and two veins counted as a decrease, Hbp = 2 and Hbm = 2. Since the vein pattern 40m is Hb1 = 7, Hb2 = Hb1 + Hbp−Hbm = 7 + 2-2 = 7.

  The variation amount determination unit 63 calculates a change rate abs (Hb1 / (Hb2 + Hbp + Hbm)) of the change amount Hb1 of the vein pattern 40m and the change amount Hb2 of the vein pattern 40n, and compares it with the threshold value Hth. As a result, the variation amount determination unit 63 determines that the user who has collected the vein pattern 40m and the vein pattern 40n has uncertainties of verification because abs (Hb1 / (Hb2 + Hbp + Hbm))> Hth.

  Next, a configuration for realizing 1: N verification executed by the authentication device 32 at the time of authentication will be described with reference to FIG. FIG. 12 is a diagram illustrating a configuration for performing 1: N verification of biometric information of the authentication apparatus according to the second embodiment.

  The authentication device 32 includes an image acquisition unit 61, an image selection unit 62, a fluctuation amount determination unit 63, a fluctuation factor identification unit 64, a correction unit 65, an additional information generation unit 66, a retry unit 67, and additional information. There is provided a non-matching target specifying unit 69, a matching target specifying unit 70 with additional information, and a matching unit 71. Each of these processing units can be realized by the hardware configuration shown in FIG. In addition, about the structure similar to the structure for the authentication apparatus 20 to function as a registration apparatus, the name and number are the same and description is simplified.

  The authentication device 32 performs 1: N verification without inputting user information. Therefore, the authentication device 32 does not require input of user information from the IC card reader / writer 25, for example.

  The image acquisition unit 61 captures the palm of a user (user) and acquires a vein image of the palm in order to acquire biometric information used for collation. The image selection unit 62 selects one vein image with little difference between frames from the plurality of vein images acquired by the image acquisition unit 61. Similarly, the image acquisition unit 61 and the image selection unit 62 repeat acquisition and selection of a plurality of vein images a plurality of times (for example, twice) to select a plurality of vein images.

  The variation amount determination unit 63 determines whether the variation amounts of the plurality of vein images selected by the image selection unit 62 are within a predetermined threshold range. When the user's biometric information has no verification uncertainty, the fluctuation amount determination unit 63 proceeds to processing by the verification target designation unit 69 without additional information. On the other hand, when the user's biometric information has uncertainties in collation, the fluctuation amount determination unit 63 proceeds to processing by the collation target designation unit 70 with additional information.

  The variation factor identifying unit 64 identifies the variation factor that has been determined that the biometric information of the user has uncertainties in verification. When the variation factor identification unit 64 determines that the change in the external environment is the variation factor, the variation factor identification unit 64 determines that the inappropriate posture of the palm is the variation factor. In this case, the processing by the correction unit 65 is performed. If neither the external environment nor the posture of the palm can be determined to be a variation factor, the variation factor identification unit 64 determines that there is a problem specific to the user and proceeds to processing by the additional information generation unit 66.

  The correcting unit 65 corrects the vein image from which the vein pattern is extracted. The retry unit 67 informs the user of re-handling the hand over in order to acquire a vein image again by the image acquisition unit 61. The additional information generation unit 66 generates biometric information that is additionally targeted by the collation unit 71 in addition to the biometric information that is the normal collation target by the collation unit 71.

  The collation target designating unit 69 without additional information designates collation information having no additional information as a collation target. That is, the additional information-less verification target designating unit 69 sets a user who does not have verification additional information in the registration database 50 and whose type is “standard” as a verification target.

  The additional information presence verification target designating unit 70 specifies verification information having additional information as a verification target. In other words, the additional information matching target designating unit 70 sets a user who has the additional verification information in the registration database 50 and whose type is “difficult” as the verification target.

  The collation unit 71 performs 1: N collation for the user designated by the collation target designation unit 69 without additional information or the collation target designation unit 70 with additional information as a collation target. That is, the collation unit 71 collates the biometric information generated as a normal collation target with the collation information provided by the user designated by the collation target designation unit 69 without additional information. In addition to the biometric information generated as the normal verification target, the verification unit 71 includes the biometric information generated as the additional verification target, which is provided by the user specified by the verification target specifying unit 70 with additional information. Information and verification additional information are verified.

  In this way, the authentication device 32 may target a user who has been determined to have uncertainty in biometric information collation as a collation target for a user registered as having uncertainty in biometric information collation. Therefore, the success rate of collation can be improved. As a result, the authentication device 32 improves the usability of the user who frequently fails the verification.

  Next, a configuration for realizing the 1: 1 verification executed when the authentication apparatus 30 performs authentication will be described with reference to FIG. FIG. 13 is a diagram illustrating a configuration for executing 1: 1 verification of biometric information of the authentication device according to the second embodiment.

  The authentication device 30 includes a user information acquisition unit 60, an image acquisition unit 61, an additional information generation unit 66, a verification information acquisition unit 72 without additional information, a verification information acquisition unit 73 with additional information, and a verification unit 71. . Each of these processing units can be realized by the hardware configuration shown in FIG. In addition, about the structure similar to the structure for the authentication apparatus 20 to function as a registration apparatus, the name and number are the same and description is simplified.

  The user information acquisition unit 60 acquires identification information in order to specify the type of user (user). For example, since the authentication device 30 is an ATM, the identification information can be an account number, and can be read from a magnetic stripe included in a cash card or a passbook by an MS (Magnetic Stripe) reader (not shown). .

  The verification information acquisition unit 72 without additional information acquires verification information having no additional information from the registration database 50 when the type acquired by the user information acquisition unit 60 is “standard”. The verification information acquisition unit 73 with additional information acquires verification information having additional information from the registration database 50 when the type acquired by the user information acquisition unit 60 is “difficult”.

  The image acquisition unit 61 captures the palm of the user and acquires a vein image of the palm in order to acquire biometric information used for collation. When the type acquired by the user information acquisition unit 60 is “standard”, the image acquisition unit 61 proceeds to processing by the verification unit 71. On the other hand, when the type acquired by the user information acquisition unit 60 is “difficult”, the image acquisition unit 61 proceeds to processing by the additional information generation unit 66. The additional information generation unit 66 generates biometric information that is additionally targeted by the collation unit 71 in addition to the biometric information that is the normal collation target by the collation unit 71.

  The collation unit 71 performs 1: 1 collation using the collation information acquired by the collation information acquisition unit 72 without additional information or the collation information acquisition unit 73 with additional information as a collation target. That is, the collation unit 71 collates the biometric information generated as a normal collation target with the collation information acquired by the collation information acquisition unit 72 without additional information. In addition to the biometric information generated as a normal verification target, the verification unit 71 uses the verification information and the verification additional information acquired by the verification information acquisition unit 73 with additional information as biometric information generated as an additional verification target. Match.

  In this way, the authentication device 30 uses the verification additional information registered as having uncertainty in the verification of the biometric information for the user registered as having uncertainty in the verification of the biometric information. Can be done. Therefore, the authentication device 30 can improve the success rate of verification for users who have uncertainty in verification of biometric information. As a result, the authentication device 30 improves the usability of the user who often fails repeatedly.

[Third Embodiment]
Next, an authentication apparatus according to a third embodiment will be described with reference to FIG. FIG. 14 is a diagram illustrating a configuration for performing biometric information collation of the authentication device according to the third embodiment. The authentication device 30a of the third embodiment is the same as the authentication device 30 of the second embodiment in that it performs 1: 1 verification, but differs in that it determines whether to generate additional information each time verification is performed. To do.

  The authentication device 30a includes a user information acquisition unit 60, an image acquisition unit 61, an image selection unit 62, a fluctuation amount determination unit 63, an additional information generation unit 66, a no-addition information collation information acquisition unit 72, and additional information. A collation information acquisition unit 73 and a collation unit 71 are provided. Each of these processing units can be realized by the hardware configuration shown in FIG. About the structure similar to the structure for the authentication apparatus 20 to function as a registration apparatus, a name and a number are the same and description is simplified.

  The user information acquisition unit 60 acquires identification information in order to specify the type of user (user). The verification information acquisition unit 72 without additional information acquires verification information having no additional information from the registration database 50 when the type acquired by the user information acquisition unit 60 is “standard”. The verification information acquisition unit 73 with additional information acquires verification information having additional information from the registration database 50 when the type acquired by the user information acquisition unit 60 is “difficult”.

  The image acquisition unit 61 captures the palm of the user and acquires a vein image of the palm in order to acquire biometric information used for collation. The image selection unit 62 selects one vein image with little difference between frames from the plurality of vein images acquired by the image acquisition unit 61. Similarly, the image acquisition unit 61 and the image selection unit 62 repeat acquisition and selection of a plurality of vein images a plurality of times (for example, twice) to select a plurality of vein images.

  The variation amount determination unit 63 determines whether the variation amounts of the plurality of vein images selected by the image selection unit 62 are within a predetermined threshold range. The fluctuation amount determination unit 63 proceeds to the processing by the verification unit 71 when the biometric information of the user has no verification uncertainty. On the other hand, the fluctuation amount determination unit 63 proceeds to processing by the additional information generation unit 66 when the biometric information of the user has uncertainties in the collation. The additional information generation unit 66 generates biometric information that is additionally targeted by the collation unit 71 in addition to the biometric information that is the normal collation target by the collation unit 71.

  The collation unit 71 performs 1: 1 collation using the collation information acquired by the collation information acquisition unit 72 without additional information or the collation information acquisition unit 73 with additional information as a collation target. That is, the collation unit 71 collates the biometric information generated as a normal collation target with the collation information acquired by the collation information acquisition unit 72 without additional information. In addition to the biometric information generated as a normal verification target, the verification unit 71 uses the verification information and the verification additional information acquired by the verification information acquisition unit 73 with additional information as biometric information generated as an additional verification target. Match.

  As described above, the authentication device 30a performs verification using the verification additional information registered as having uncertainty in biometric information verification for the user who has determined that biometric information verification is uncertain. be able to. Therefore, the authentication device 30a can improve the success rate of verification for users who have uncertainty in verification of biometric information. As a result, the authentication device 30a improves the usability of the user who frequently fails the verification.

  The authentication device 30a has instability in the content registered as a type in the registration database 50 when the determination result by the variation amount determination unit 63 and the user type acquired by the user information acquisition unit 60 are different. You may record that. The authentication device 30a may update the content recorded in the type based on the record that there is instability. In this case, the authentication device 30a can change the content recorded in the type from “difficult” to “standard”. Alternatively, the authentication device 30a can shorten the expiration date of the registered content based on the record indicating that there is instability.

[Fourth Embodiment]
Next, an authentication apparatus according to a fourth embodiment will be described with reference to FIG. FIG. 15 is a diagram illustrating a configuration for performing biometric information collation of the authentication device according to the fourth embodiment. The authentication device 30b according to the fourth embodiment is the same as the authentication device 30 according to the second embodiment in that 1: 1 verification is performed, but whether verification additional information is included in verification information acquired from the registration database 50. It is different from the authentication device 30 in that it is determined whether or not each time collation is performed.

  The authentication device 30b includes a user information acquisition unit 60, an image acquisition unit 61, an image selection unit 62, a fluctuation amount determination unit 63, an additional information generation unit 66, an additional information no matching information acquisition unit 72, and additional information. A collation information acquisition unit 73 and a collation unit 71 are provided. Each of these processing units can be realized by the hardware configuration shown in FIG. About the structure similar to the structure for the authentication apparatus 20 to function as a registration apparatus, a name and a number are the same and description is simplified.

  The user information acquisition unit 60 acquires identification information in order to specify the type of user (user). The image acquisition unit 61 captures the palm of the user and acquires a vein image of the palm in order to acquire biometric information used for collation. The image selection unit 62 selects one vein image with little difference between frames from the plurality of vein images acquired by the image acquisition unit 61. Similarly, the image acquisition unit 61 and the image selection unit 62 repeat acquisition and selection of a plurality of vein images a plurality of times (for example, twice) to select a plurality of vein images.

  The variation amount determination unit 63 determines whether the variation amounts of the plurality of vein images selected by the image selection unit 62 are within a predetermined threshold range. When the user's biometric information has no verification uncertainty, the fluctuation amount determination unit 63 proceeds to processing by the verification information acquisition unit 72 without additional information. On the other hand, the fluctuation amount determination unit 63 proceeds to processing by the additional information generation unit 66 when the biometric information of the user has uncertainties in the collation.

  The additional information generation unit 66 generates biometric information that is additionally targeted by the collation unit 71 in addition to the biometric information that is the normal collation target by the collation unit 71. The verification information acquisition unit 72 without additional information acquires verification information having no additional information from the registration database 50. The verification information acquisition unit 73 with additional information acquires verification information having additional information from the registration database 50.

  The collation unit 71 performs 1: 1 collation using the collation information acquired by the collation information acquisition unit 72 without additional information or the collation information acquisition unit 73 with additional information as a collation target. That is, the collation unit 71 collates the biometric information generated as a normal collation target with the collation information acquired by the collation information acquisition unit 72 without additional information. In addition to the biometric information generated as a normal verification target, the verification unit 71 uses the verification information and the verification additional information acquired by the verification information acquisition unit 73 with additional information as biometric information generated as an additional verification target. Match.

  In the authentication device 30b, when the determination result by the variation amount determination unit 63 corresponds to the type “difficult” and the type of user recorded in the registration database 50 is “standard”, the verification unit 71 stores the additional information. You may make it discard and perform collation determination. Further, in the authentication device 30b, when the determination result by the fluctuation amount determination unit 63 corresponds to the type “standard” and the type of user recorded in the registration database 50 is “difficult”, the verification unit 71 The user type to be recorded may be regarded as “standard” and the collation determination may be performed.

  In this way, the authentication device 30b performs verification using the verification additional information registered as having uncertainty in biometric information verification for a user who has determined that biometric information verification is uncertain. be able to. Therefore, the authentication device 30b can improve the success rate of verification for users who have uncertainty in verification of biometric information. As a result, the authentication device 30b improves the usability of the user who frequently fails the verification.

[Fifth Embodiment]
Next, an authentication apparatus according to a fifth embodiment will be described with reference to FIG. FIG. 16 is a diagram illustrating a configuration for performing biometric information collation of the authentication device according to the fifth embodiment.

  The authentication device 30c includes a user information acquisition unit 60, an image acquisition unit 61, an image selection unit 62, a fluctuation amount determination unit 63, an additional information generation unit 66, a no-addition information collation information acquisition unit 72, and additional information. A collation information acquisition unit 73 and a collation unit 71 are provided. Each of these processing units can be realized by the hardware configuration shown in FIG. About the structure similar to the structure for the authentication apparatus 20 to function as a registration apparatus, a name and a number are the same and description is simplified.

  The user information acquisition unit 60 acquires identification information in order to specify the type of user (user). The image acquisition unit 61 captures the palm of the user and acquires a vein image of the palm in order to acquire biometric information used for collation. The image selection unit 62 selects one vein image with little difference between frames from the plurality of vein images acquired by the image acquisition unit 61. Similarly, the image acquisition unit 61 and the image selection unit 62 repeat acquisition and selection of a plurality of vein images a plurality of times (for example, twice) to select a plurality of vein images.

  The variation amount determination unit 63 determines whether the variation amounts of the plurality of vein images selected by the image selection unit 62 are within a predetermined threshold range. When the user's biometric information has no verification uncertainty, the fluctuation amount determination unit 63 proceeds to processing by the verification information acquisition unit 72 without additional information. On the other hand, the fluctuation amount determination unit 63 proceeds to processing by the additional information generation unit 66 when the biometric information of the user has uncertainties in the collation.

  The additional information generation unit 66 generates biometric information that is additionally targeted by the collation unit 71 in addition to the biometric information that is the normal collation target by the collation unit 71. The verification information acquisition unit 72 without additional information acquires verification information having no additional information from the registration database 50.

  First, the collation unit 71 performs 1: 1 collation using the collation information acquired by the collation information acquisition unit 72 without additional information as a collation target. That is, the collation unit 71 collates the biometric information generated as a normal collation target with the collation information acquired by the collation information acquisition unit 72 without additional information.

  Here, when the verification fails and the type of user recorded in the registration database 50 is “difficult”, the verification unit 71 adds an additional verification target in addition to the biometric information generated as a normal verification target. Is collated with the collation information and the collation additional information acquired by the collation information acquisition unit 73 with additional information.

  As described above, the authentication device 30c performs verification using the verification additional information registered as having uncertainty in biometric information verification for the user who has determined that biometric information verification is uncertain. be able to. Therefore, the authentication device 30c can improve the success rate of verification for users who have uncertainty in verification of biometric information. As a result, the authentication device 30c improves the usability of the user who frequently fails the verification.

  The above processing functions can be realized by a computer. In that case, a program describing the processing contents of functions that the authentication device 20, the authentication device 30 (including the authentication devices 30a, 30b, and 30c), the authentication device 32, and the authentication server 35 should have is provided. By executing the program on a computer, the above processing functions are realized on the computer. The program describing the processing contents can be recorded on a computer-readable recording medium (including a portable recording medium). Examples of the computer-readable recording medium include a magnetic recording device, an optical disk, a magneto-optical recording medium, and a semiconductor memory. Examples of the magnetic recording device include a hard disk device (HDD), a flexible disk (FD), and a magnetic tape. Optical discs include DVD (Digital Versatile Disc), DVD-RAM, CD-ROM, CD-R (Recordable) / RW (ReWritable), and the like. Magneto-optical recording media include MO (Magneto-Optical disk).

  When distributing the program, for example, portable recording media such as a DVD and a CD-ROM in which the program is recorded are sold. It is also possible to store the program in a storage device of a server computer and transfer the program from the server computer to another computer via a network.

  The computer that executes the program stores, for example, the program recorded on the portable recording medium or the program transferred from the server computer in its own storage device. Then, the computer reads the program from its own storage device and executes processing according to the program. The computer can also read the program directly from the portable recording medium and execute processing according to the program. Further, each time the program is transferred from the server computer, the computer can sequentially execute processing according to the received program.

  In the above-described embodiment, a system that performs authentication using a palm vein has been described as an example. However, the present invention is not limited thereto, and any other feature detection part of a living body may be used. For example, the other feature detection parts of the living body may be the soles of the feet, the toes and fingers, the backs of the limbs, the wrists, and the arms.

In addition, when using a vein for authentication, the other characteristic detection part of a biological body should just be a part which can observe a vein.
Any other feature detection part of the living body that can specify the biological information acquisition part is advantageous for authentication. For example, in the case of a palm or face, a part can be specified from the acquired image.

Note that the biometric information used for authentication is not limited to veins, but may be fingerprints, palm prints, or other information.
Further, the above-described embodiment can be variously modified within a range not departing from the gist of the embodiment.

  Further, the above-described embodiments can be modified and changed by those skilled in the art, and are not limited to the exact configurations and application examples described.

DESCRIPTION OF SYMBOLS 1 Authentication apparatus 2 Biometric information acquisition part 3 Judgment part 4 Information generation part 5 Collation object selection part 6 Collation part 7 Biometric information 8 Generation information 8a 1st generation information 8b 2nd generation information 9 Registration information 9a 1st registration information 9b 2nd Registration Information 10 Authentication System 20, 30, 30a, 30b, 30c, 32 Authentication Device 21 Processing Device 22 Display 23 Keyboard 24 Mouse with Built-in Sensor Unit 25 IC Card Reader / Writer 26 IC Card 31, 33 Sensor Unit 34 Door 35 Authentication Server 36 Network DESCRIPTION OF SYMBOLS 50 Registration database 51 Biometric information list 60 User information acquisition part 61 Image acquisition part 62 Image selection part 63 Fluctuation amount determination part 64 Fluctuation factor specific | specification part 65 Correction | amendment part 66 Additional information generation part 67 Retry part 68 Registration part 69 Target for collation without additional information Designation part 70 Additional information available If the target specifying unit 71 verifying section 72 Yes No verification information acquisition unit 73 adds information additional information verification information acquisition unit

Claims (10)

A biometric information acquisition unit that acquires biometric information from the person to be authenticated;
A determination unit that determines whether or not the person to be authenticated has uncertainties in verification;
First generation information used for verification is generated from the biometric information, and second generation information used for verification is added from the biometric information in addition to the first generation information when the person to be authenticated has verification uncertainty. An information generator to generate;
First registration information registered in advance for checking the biometric information is set as a check target, or second registration information registered in advance for checking the biometric information is added to the first registration information. A collation target selection unit for selecting whether to be a collation target; and
A collation unit that collates registration information selected as a collation target and corresponding generation information;
An authentication device comprising: The information generation unit generates the second generation information based on a determination result by the determination unit that the person to be authenticated has uncertainty of verification,
The verification target selection unit sets the second registration information as a verification target in addition to the first registration information based on a determination result by the determination unit that the person to be authenticated has verification uncertainty. The authentication apparatus according to claim 1, wherein: The information generation unit generates the second generation information based on a determination result by the determination unit that the person to be authenticated has uncertainty of verification,
The verification target selection unit adds the second registration information to the verification target in addition to the first registration information based on information indicating the verification uncertainty of the authentication target person registered in advance. The authentication device according to claim 1.   4. The information indicating the verification uncertainty of the authentication target person can be updated based on a determination result by the determination unit that the authentication target person has a verification uncertainty. Authentication device.   The authentication apparatus according to claim 1, wherein the determination unit determines the verification uncertainty of the person to be authenticated based on the biometric information acquired by the biometric information acquisition unit during authentication.   The authentication device according to claim 1, wherein the determination unit determines whether or not the uncertainties exist by comparing two or more pieces of biometric information having different acquisition timings.   2. The authentication according to claim 1, wherein the determination unit determines whether or not the uncertainties are obtained by comparing two or more pieces of feature information extracted in different manners from the acquired one biological information. apparatus.   The determination unit is configured to determine whether or not the authentication target has the uncertainty based on uncertainty information indicating whether or not the authentication target has the uncertainty. The authentication device according to claim 1. On the computer,
Obtain biometric information from the person to be authenticated,
Determining whether the person to be authenticated has uncertainties in verification;
First generation information used for verification is generated from the biometric information, and second generation information used for verification is added from the biometric information in addition to the first generation information when the person to be authenticated has verification uncertainty. Generate
First registration information registered in advance for checking the biometric information is set as a check target, or second registration information registered in advance for checking the biometric information is added to the first registration information. Select whether to match,
Check the registered information selected for verification against the corresponding generated information.
An authentication program characterized by causing processing to be executed. Obtain biometric information from the person to be authenticated,
Determining whether the person to be authenticated has uncertainties in verification;
First generation information used for verification is generated from the biometric information, and second generation information used for verification is added from the biometric information in addition to the first generation information when the person to be authenticated has verification uncertainty. Generate
First registration information registered in advance for checking the biometric information is set as a check target, or second registration information registered in advance for checking the biometric information is added to the first registration information. Select whether to match,
Check the registered information selected for verification against the corresponding generated information.
An authentication method characterized by that.

Images